1 /*
2  * cipher_driver.c
3  *
4  * A driver for the generic cipher type
5  *
6  * David A. McGrew
7  * Cisco Systems, Inc.
8  */
9 
10 /*
11  *
12  * Copyright (c) 2001-2006, Cisco Systems, Inc.
13  * All rights reserved.
14  *
15  * Redistribution and use in source and binary forms, with or without
16  * modification, are permitted provided that the following conditions
17  * are met:
18  *
19  *   Redistributions of source code must retain the above copyright
20  *   notice, this list of conditions and the following disclaimer.
21  *
22  *   Redistributions in binary form must reproduce the above
23  *   copyright notice, this list of conditions and the following
24  *   disclaimer in the documentation and/or other materials provided
25  *   with the distribution.
26  *
27  *   Neither the name of the Cisco Systems, Inc. nor the names of its
28  *   contributors may be used to endorse or promote products derived
29  *   from this software without specific prior written permission.
30  *
31  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
32  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
33  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
34  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
35  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
36  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
37  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
38  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
40  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
41  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
42  * OF THE POSSIBILITY OF SUCH DAMAGE.
43  *
44  */
45 
46 #include <stdio.h>           /* for printf() */
47 #include <stdlib.h>          /* for rand() */
48 #include <string.h>          /* for memset() */
49 #include <unistd.h>          /* for getopt() */
50 #include "cipher.h"
51 #include "aes_icm.h"
52 #include "null_cipher.h"
53 
54 #define PRINT_DEBUG 0
55 
56 void
57 cipher_driver_test_throughput(cipher_t *c);
58 
59 err_status_t
60 cipher_driver_self_test(cipher_type_t *ct);
61 
62 
63 /*
64  * cipher_driver_test_buffering(ct) tests the cipher's output
65  * buffering for correctness by checking the consistency of succesive
66  * calls
67  */
68 
69 err_status_t
70 cipher_driver_test_buffering(cipher_t *c);
71 
72 
73 /*
74  * functions for testing cipher cache thrash
75  */
76 err_status_t
77 cipher_driver_test_array_throughput(cipher_type_t *ct,
78 				    int klen, int num_cipher);
79 
80 void
81 cipher_array_test_throughput(cipher_t *ca[], int num_cipher);
82 
83 uint64_t
84 cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
85 			     unsigned octets_in_buffer, int num_trials);
86 
87 err_status_t
88 cipher_array_delete(cipher_t *cipher_array[], int num_cipher);
89 
90 err_status_t
91 cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers,
92 			cipher_type_t *ctype, int klen);
93 
94 void
usage(char * prog_name)95 usage(char *prog_name) {
96   printf("usage: %s [ -t | -v | -a ]\n", prog_name);
97   exit(255);
98 }
99 
100 void
check_status(err_status_t s)101 check_status(err_status_t s) {
102   if (s) {
103     printf("error (code %d)\n", s);
104     exit(s);
105   }
106   return;
107 }
108 
109 /*
110  * null_cipher, aes_icm, and aes_cbc are the cipher meta-objects
111  * defined in the files in crypto/cipher subdirectory.  these are
112  * declared external so that we can use these cipher types here
113  */
114 
115 extern cipher_type_t null_cipher;
116 extern cipher_type_t aes_icm;
117 extern cipher_type_t aes_cbc;
118 
119 int
main(int argc,char * argv[])120 main(int argc, char *argv[]) {
121   cipher_t *c = NULL;
122   err_status_t status;
123   unsigned char test_key[20] = {
124     0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
125     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
126     0x10, 0x11, 0x12, 0x13
127   };
128   int q;
129   unsigned do_timing_test = 0;
130   unsigned do_validation = 0;
131   unsigned do_array_timing_test = 0;
132 
133   /* process input arguments */
134   while (1) {
135     q = getopt(argc, argv, "tva");
136     if (q == -1)
137       break;
138     switch (q) {
139     case 't':
140       do_timing_test = 1;
141       break;
142     case 'v':
143       do_validation = 1;
144       break;
145     case 'a':
146       do_array_timing_test = 1;
147       break;
148     default:
149       usage(argv[0]);
150     }
151   }
152 
153   printf("cipher test driver\n"
154 	 "David A. McGrew\n"
155 	 "Cisco Systems, Inc.\n");
156 
157   if (!do_validation && !do_timing_test && !do_array_timing_test)
158     usage(argv[0]);
159 
160    /* arry timing (cache thrash) test */
161   if (do_array_timing_test) {
162     int max_num_cipher = 1 << 16;   /* number of ciphers in cipher_array */
163     int num_cipher;
164 
165     for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
166       cipher_driver_test_array_throughput(&null_cipher, 0, num_cipher);
167 
168     for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
169       cipher_driver_test_array_throughput(&aes_icm, 30, num_cipher);
170 
171     for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
172       cipher_driver_test_array_throughput(&aes_cbc, 16, num_cipher);
173 
174   }
175 
176   if (do_validation) {
177     cipher_driver_self_test(&null_cipher);
178     cipher_driver_self_test(&aes_icm);
179     cipher_driver_self_test(&aes_cbc);
180   }
181 
182   /* do timing and/or buffer_test on null_cipher */
183   status = cipher_type_alloc(&null_cipher, &c, 0);
184   check_status(status);
185 
186   status = cipher_init(c, NULL, direction_encrypt);
187   check_status(status);
188 
189   if (do_timing_test)
190     cipher_driver_test_throughput(c);
191   if (do_validation) {
192     status = cipher_driver_test_buffering(c);
193     check_status(status);
194   }
195   status = cipher_dealloc(c);
196   check_status(status);
197 
198 
199   /* run the throughput test on the aes_icm cipher */
200     status = cipher_type_alloc(&aes_icm, &c, 30);
201     if (status) {
202       fprintf(stderr, "error: can't allocate cipher\n");
203       exit(status);
204     }
205 
206     status = cipher_init(c, test_key, direction_encrypt);
207     check_status(status);
208 
209     if (do_timing_test)
210       cipher_driver_test_throughput(c);
211 
212     if (do_validation) {
213       status = cipher_driver_test_buffering(c);
214       check_status(status);
215     }
216 
217     status = cipher_dealloc(c);
218     check_status(status);
219 
220   return 0;
221 }
222 
223 void
cipher_driver_test_throughput(cipher_t * c)224 cipher_driver_test_throughput(cipher_t *c) {
225   int i;
226   int min_enc_len = 32;
227   int max_enc_len = 2048;   /* should be a power of two */
228   int num_trials = 100000;
229 
230   printf("timing %s throughput:\n", c->type->description);
231   fflush(stdout);
232   for (i=min_enc_len; i <= max_enc_len; i = i * 2)
233     printf("msg len: %d\tgigabits per second: %f\n",
234 	   i, cipher_bits_per_second(c, i, num_trials) / 1e9);
235 
236 }
237 
238 err_status_t
cipher_driver_self_test(cipher_type_t * ct)239 cipher_driver_self_test(cipher_type_t *ct) {
240   err_status_t status;
241 
242   printf("running cipher self-test for %s...", ct->description);
243   status = cipher_type_self_test(ct);
244   if (status) {
245     printf("failed with error code %d\n", status);
246     exit(status);
247   }
248   printf("passed\n");
249 
250   return err_status_ok;
251 }
252 
253 /*
254  * cipher_driver_test_buffering(ct) tests the cipher's output
255  * buffering for correctness by checking the consistency of succesive
256  * calls
257  */
258 
259 err_status_t
cipher_driver_test_buffering(cipher_t * c)260 cipher_driver_test_buffering(cipher_t *c) {
261   int i, j, num_trials = 1000;
262   unsigned len, buflen = 1024;
263   uint8_t buffer0[buflen], buffer1[buflen], *current, *end;
264   uint8_t idx[16] = {
265     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
266     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34
267   };
268   err_status_t status;
269 
270   printf("testing output buffering for cipher %s...",
271 	 c->type->description);
272 
273   for (i=0; i < num_trials; i++) {
274 
275    /* set buffers to zero */
276     for (j=0; j < buflen; j++)
277       buffer0[j] = buffer1[j] = 0;
278 
279     /* initialize cipher  */
280     status = cipher_set_iv(c, idx);
281     if (status)
282       return status;
283 
284     /* generate 'reference' value by encrypting all at once */
285     status = cipher_encrypt(c, buffer0, &buflen);
286     if (status)
287       return status;
288 
289     /* re-initialize cipher */
290     status = cipher_set_iv(c, idx);
291     if (status)
292       return status;
293 
294     /* now loop over short lengths until buffer1 is encrypted */
295     current = buffer1;
296     end = buffer1 + buflen;
297     while (current < end) {
298 
299       /* choose a short length */
300       len = rand() & 0x01f;
301 
302       /* make sure that len doesn't cause us to overreach the buffer */
303       if (current + len > end)
304 	len = end - current;
305 
306       status = cipher_encrypt(c, current, &len);
307       if (status)
308 	return status;
309 
310       /* advance pointer into buffer1 to reflect encryption */
311       current += len;
312 
313       /* if buffer1 is all encrypted, break out of loop */
314       if (current == end)
315 	break;
316     }
317 
318     /* compare buffers */
319     for (j=0; j < buflen; j++)
320       if (buffer0[j] != buffer1[j]) {
321 #if PRINT_DEBUG
322 	printf("test case %d failed at byte %d\n", i, j);
323 	printf("computed: %s\n", octet_string_hex_string(buffer1, buflen));
324 	printf("expected: %s\n", octet_string_hex_string(buffer0, buflen));
325 #endif
326 	return err_status_algo_fail;
327       }
328   }
329 
330   printf("passed\n");
331 
332   return err_status_ok;
333 }
334 
335 
336 /*
337  * The function cipher_test_throughput_array() tests the effect of CPU
338  * cache thrash on cipher throughput.
339  *
340  * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
341  * of cipher_t of type ctype
342  */
343 
344 err_status_t
cipher_array_alloc_init(cipher_t *** ca,int num_ciphers,cipher_type_t * ctype,int klen)345 cipher_array_alloc_init(cipher_t ***ca, int num_ciphers,
346 			cipher_type_t *ctype, int klen) {
347   int i, j;
348   err_status_t status;
349   uint8_t *key;
350   cipher_t **cipher_array;
351 
352   /* allocate array of pointers to ciphers */
353   cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers);
354   if (cipher_array == NULL)
355     return err_status_alloc_fail;
356 
357   /* set ca to location of cipher_array */
358   *ca = cipher_array;
359 
360   /* allocate key */
361   key = crypto_alloc(klen);
362   if (key == NULL) {
363     free(cipher_array);
364     return err_status_alloc_fail;
365   }
366 
367   /* allocate and initialize an array of ciphers */
368   for (i=0; i < num_ciphers; i++) {
369 
370     /* allocate cipher */
371     status = cipher_type_alloc(ctype, cipher_array, klen);
372     if (status)
373       return status;
374 
375     /* generate random key and initialize cipher */
376     for (j=0; j < klen; j++)
377       key[j] = (uint8_t) rand();
378     status = cipher_init(*cipher_array, key, direction_encrypt);
379     if (status)
380       return status;
381 
382 /*     printf("%dth cipher is at %p\n", i, *cipher_array); */
383 /*     printf("%dth cipher description: %s\n", i,  */
384 /* 	   (*cipher_array)->type->description); */
385 
386     /* advance cipher array pointer */
387     cipher_array++;
388   }
389 
390   return err_status_ok;
391 }
392 
393 err_status_t
cipher_array_delete(cipher_t * cipher_array[],int num_cipher)394 cipher_array_delete(cipher_t *cipher_array[], int num_cipher) {
395   int i;
396 
397   for (i=0; i < num_cipher; i++) {
398     cipher_dealloc(cipher_array[i]);
399   }
400 
401   free(cipher_array);
402 
403   return err_status_ok;
404 }
405 
406 
407 /*
408  * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the
409  * number of bits that a cipher implementation can encrypt in a second
410  * when distinct keys are used to encrypt distinct messages
411  *
412  * c is a cipher (which MUST be allocated an initialized already), l
413  * is the length in octets of the test data to be encrypted, and t is
414  * the number of trials
415  *
416  * if an error is encountered, the value 0 is returned
417  */
418 
419 uint64_t
cipher_array_bits_per_second(cipher_t * cipher_array[],int num_cipher,unsigned octets_in_buffer,int num_trials)420 cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
421 			      unsigned octets_in_buffer, int num_trials) {
422   int i;
423   v128_t nonce;
424   clock_t timer;
425   unsigned char *enc_buf;
426   int cipher_index = 0;
427 
428 
429   enc_buf = crypto_alloc(octets_in_buffer);
430   if (enc_buf == NULL)
431     return 0;  /* indicate bad parameters by returning null */
432 
433   /* time repeated trials */
434   v128_set_to_zero(&nonce);
435   timer = clock();
436   for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
437 
438     /* choose a cipher at random from the array*/
439     cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
440 
441     /* encrypt buffer with cipher */
442     cipher_set_iv(cipher_array[cipher_index], &nonce);
443     cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_in_buffer);
444   }
445   timer = clock() - timer;
446 
447   free(enc_buf);
448 
449   if (timer == 0) {
450     /* Too fast! */
451     return 0;
452   }
453 
454   return CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
455 }
456 
457 void
cipher_array_test_throughput(cipher_t * ca[],int num_cipher)458 cipher_array_test_throughput(cipher_t *ca[], int num_cipher) {
459   int i;
460   int min_enc_len = 16;
461   int max_enc_len = 2048;   /* should be a power of two */
462   int num_trials = 10000;
463 
464   printf("timing %s throughput with array size %d:\n",
465 	 (ca[0])->type->description, num_cipher);
466   fflush(stdout);
467   for (i=min_enc_len; i <= max_enc_len; i = i * 4)
468     printf("msg len: %d\tgigabits per second: %f\n", i,
469 	   cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9);
470 
471 }
472 
473 err_status_t
cipher_driver_test_array_throughput(cipher_type_t * ct,int klen,int num_cipher)474 cipher_driver_test_array_throughput(cipher_type_t *ct,
475 				    int klen, int num_cipher) {
476   cipher_t **ca = NULL;
477   err_status_t status;
478 
479   status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
480   if (status) {
481     printf("error: cipher_array_alloc_init() failed with error code %d\n",
482 	   status);
483     return status;
484   }
485 
486   cipher_array_test_throughput(ca, num_cipher);
487 
488   cipher_array_delete(ca, num_cipher);
489 
490   return err_status_ok;
491 }
492